Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-10878

Hadoop servlets need ACLs

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • metrics, security

    Description

      As far as I'm aware, once a user gets past the HTTP-level authentication, all servlets available on that port are available to the user. This is a security hole as there is some information and services that we don't want every user to be able to access or only want them to access from certain locations.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-5722 HTTP metrics interface enable/disable must be configurable

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              aw Allen Wittenauer
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: